You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all
machines in the same network quickly.
What is the best nmap command you will use?

It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a
remote location. This malware generates a pop-up window, webpage, or email warning from what looks like an
official authority. It explains that your computer has been locked because of possible illegal activities on it and
demands payment before you can access your files and programs again.
Which of the following terms best matches the definition?

You have compromised a server and successfully gained a root access. You want to pivot and pass traffic
undetected over the network and evade any possible Intrusion Detection System.
What is the best approach?

A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part
in coordinated attacks, or host junk email content.
Which sort of trojan infects this server?

It is a short-range wireless communication technology intended to replace the cables connecting portable of
fixed devices while maintaining high levels of security. It allows mobile phones, computers and other devices to
connect and communicate using a short-range wireless connection.
Which of the following terms best matches the definition?

You have successfully gained access to your client’s internal network and successfully comprised a Linux
server which is part of the internal IP network. You want to know which Microsoft Windows workstations have
file sharing enabled.
Which port would you see listening on these Windows machines in the network?

Initiating an attack against targeted businesses and organizations, threat actors compromise a carefully
selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well-known
and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise,
these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the
targeted entities are left with little or no defense against these exploits.
What type of attack is outlined in the scenario?

As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment
through penetration testing.
What document describes the specifics of the testing, the associated violations, and essentially protects both
the organization’s interest and your liabilities as a tester?

It is an entity or event with the potential to adversely impact a system through unauthorized access, destruction,
disclosure, denial of service or modification of data.
Which of the following terms best matches the definition?

A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to
pay to break into her husband’s email account in order to find proof so she can take him to court. What is the
ethical response?